Security news, trends, analysis and practical advice

blockchain code
Android apps (2)

Digital Key, security, encryption

Toy maker's website pushed growing ransomware threat

The website of toy maker Maisto was infected with malicious code that distributed CryptXXX, a new and increasingly widespread ransomware program.

spying eye

Supreme Court approves rule change that expands FBI computer search powers

The Supreme Court has adopted amendments to a rule to give judges the authority to issue warrants to remotely search computers whose locations are concealed using technology.

slack icon

Devs leak Slack access tokens on GitHub, put sensitive business data at risk

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams' internal chats and other data at risk.

Fraud gang targeted large European companies

Estonian man gets 7 years in prison for role in global DNS hijacking botnet

An Estonian man was sentenced to 87 months in a U.S. prison for his role in a cybercriminal operation that infected more than 4 million computers with DNS hijacking malware.

isis flag graphic

ISIS' cyberattack abilities remain unorganized and underfunded -- for now

The U.S. and its allies should be concerned about cyberattacks from ISIS-affiliated groups, but the hackers are poorly organized and likely underfunded, at least in the short term, according to a new report.

stage in blue light

The post-acquisition blues

The company calls in our manager to take a look around at a small software company it’s acquiring — after the deal has been signed.

iphone security lockscreen thinkstockphotos 456090717

FBI confirms it won't tell Apple how it unlocked terrorist's iPhone

FBI didn't buy full "rights" about the hack, including info about how the method functions, a spokeswoman says.

US Capitol

House unanimously passes bill to protect email and cloud privacy

The U.S. House of Representatives has approved a bill to strengthen privacy protections for email and other data stored in the cloud.


The Humble Hacker’s Book Bundle

A bundle of ebooks that will sharpen your hacking skills -- at almost any price you care to pay!


Most breaches are still caused by PEBKAC and ID10T errors like falling for phishing

Open. Clickety click. Pwned. Humans are still the weak security link, falling for phishing even more often than before, which leads to breaches.

spying eye

Group uses Windows hotpatching method for malware

A cyberespionage group active in Asia has been leveraging a Windows feature known as hotpatching in order to better hide its malware from security products.

w2 phishing

Report says criminals are better communicators than IT staffers

Humans remain the largest security risk, a new Verizon report says.

hardware security embedded circuit board integrated controller

SWIFT banking network warns customers of cyberfraud cases

SWIFT, the international banking transactions network, has warned customers of "a number" of recent cyber incidents that criminals used to send fraudulent messages through its system, according to a news report.

security code big data cyberespionage DDoS

Empty DDoS threats deliver $100K to extortion group

A group of cybercriminals extorted over $100,000 from companies by threatening to launch DDoS attacks against them, without even having the capability to do so.

hacker hacked threat

5 tips for defending against advanced persistent threats

Is your organization prepared to do battle against an APT? You'd better be.

new job roles

5 steps to simple role-based access control

Despite all of the advanced attack scenarios we face in the world of cybersecurity today, it seems like we continue to shoot ourselves in the proverbial feet with the simple things.

Spotify hack accounts leak

Spotify hacked? Angry users fight to regain accounts

News reports report news of Spotify hack -- there seem to have been many users' account details leaked on Pastebin. But the Swedish streaming service says all is safe, rather implying it's users are the ones at fault...

Dogspectus ransomware for Android

Dogspectus: Android ransomware silently installs, demands $200 iTunes gift card ransom

Dogspectus is a ransomware that silently installs on Android devices, via malvertising and a Hacking Team exploit, then demands a ransom of $200 in iTunes gift cards.

Load More